<?php
class App_Plugin_Acl extends Zend_Controller_Plugin_Abstract
{
	public function preDispatch(Zend_Controller_Request_Abstract $request)
	{
		// create new acl object
		$acl = new Zend_Acl();

		// define resources. typically there are
		// only four resources from the CRUD functionality
		// but there can be added more resources
		$acl->add(new Zend_Acl_Resource('index'));
		$acl->add(new Zend_Acl_Resource('error'));
		$acl->add(new Zend_Acl_Resource('pessoa'));
		//$acl->add(new Zend_Acl_Resource('transferencia'));

		// define roles
		$acl->addRole(new Zend_Acl_Role('GERENTE'));
		$acl->addRole(new Zend_Acl_Role('VISITANTE'));
		$acl->addRole(new Zend_Acl_Role('TESOURARIA'));
		$acl->addRole(new Zend_Acl_Role('SECRETARIA'));

		// define privileges
		$acl->allow('GERENTE', array('index','error','pessoa'));
		

		// setup acl in the registry for more
		
		Zend_Registry::set('acl', $acl);

		// check permissions
		if (!$acl->isAllowed('VISITANTE', $request->getActionName())) {
			$request->setControllerName('error');
			$request->setActionName('error');
		}
	}
}